Creating QFlows from a Template
Click here to see this page in full context


Creating QFlows from a Template

You can use any suitable templates available for creating your own QFlow. You can select a template to adopt the QFlow. Let us take one use case; you want to identify the Security Groups allowing IPs other than the allowed IPs defined by your organization. You can directly use the template; you need to select the account and region and click Save. You can customize this template to suit your requirement.

For this QFlow, you can use the Security Group allowing outside IP’s template. 

1. Navigate to the QFlows tab > Create QFlow > Using a template.

2. Click to customize to use the Security Group allowing outside IPs  template.2. Click to customize to use the Security Group allowing outside IPs  template.

Select a template

The QFlow Template is displayed. 
You can use the template directly; you need to select the account and region and click Save. You can customize this template to suit your requirement.

Template is displayed.

3. Select the account and a region to verify with a single account and region.3. Select the account and a region to verify with a single account and region.

Note: Qualys recommends to test and verify the QFlow with a single account and region before applying it to multiple accounts and regions. Once satisfied with the QFlow and outcome, you can deploy the QFlow on multiple accounts and regions. 

The account and regions in your subscription are populated while selecting account and region.

- Click Select Account to choose the account from the list, and then click Apply.
- Click Select Region  to choose the region from the list, and then click Apply.

Select area and region.

You can customize the QFlow as per your need. You can customize variables. You can add global variables and use this value as a reference anywhere in the QFlow using the $wf.variables: <name>

Variable Type

Description

Auto

It automatically determined from the previous value and can be a string, number, boolean, or null.

Array

It contains an ordered collection of values.

Object

It contains an unordered set of key/value pairs.

String

Field type is not determined from the value but is always returned as a string.

You can perform various actions for the variables, like appending the same field as the earlier one defined in the variable, inserting a new field, or duplicating or removing the existing field.

Edit variable.

To know more about the usage of Variables, see Example

4. Run and check the functionality of the node.4. Run and check the functionality of the node.

It is best practice to check the functionality of individual nodes before running the QFlow.
- Click the three dots at the top right corner of the specific node to get the Run till option for running the QFlow until that specific node.

Dry run option till a node

The status of the running of the QFlow is displayed. The status of the input and output of the node is displayed in green.

Option to view execution.

You can view the execution history by clicking the  icon adjacent to the status for the details of the node’s output.

- Click the  icon to view the details of execution details.

View execution.

For demonstration, we have shown the custom node’s execution history. You can download the JSON file using  icon or copy the JSON code in the clipboard using  icon.

Viewing custom node's execution details

Note: Qualys recommends testing and verifying the QFlow with a single account and region before applying it to multiple accounts and regions. Once you are satisfied with the QFlow and outcome, you can deploy the QFlow on multiple accounts and regions.

Once you verify the functioning of your QFlow, you can save the QFlow.

4. To save the QFlow, click Save.

5. Associate your QFlow with AWS Accounts and Regions.. Associate your QFlow with AWS Accounts and Regions.

- Select the AWS Accounts and Regions and click Save.

Your QFlow is ready. You can now create user-defined control in the TotalCloud application. 

For more information refer to Use QFlow in TotalCloud

Example of VariableExample of Variable

You want to identify the Security Groups that permit IPs other than the allowed IPs defined by your organization in the above example.

You can define a new global variable named Exception that can have an Exception security group from your inventory consisting of specific IPs. So once you have defined that Exception variable, you do not have to add or delete IPs from the group at the node level.

1. Click  to insert a new variable, and select Auto.

2. Provide a name (Exception) to the variable and add the group (Exception security group).

You have created a new global variable as an Exception.

If you want to make an exception for this specific group, you can use a filter node to include the new global variable Exception.

3. Click the pencil  icon from Custom Node.

4. Click Insert node before and select Filter node from General Nodes.

5. Click the pencil  icon from the Filter node.

6. Select Key as $GroupName from the list, the Operator as != and write Value as $wf.variable.Exception.

Note: You are using the global variable defined in step 2.

Now the filter allows the assets defined in the Exception security group. Continue the rest of the procedure using the template as explained above.

Related Topics

View your QFlows

Use QFlow in TotalCloud

Creating QFlows from Scratch